A mysterious group of hackers, known as the Turkish Crime Family, are threatening to wipe up to 300 million iPhones and iCloud accounts unless Apple pays a ransom by April 7th. To legitimize their claims, the Turkish Crime Family sent Apple a YouTube video that demonstrates them logging into some of the stolen accounts. In addition, they provided screenshots of their communication with Apple.
Several inconsistencies exist with the story, including the number of accounts the hackers have access to. Members of the group have claimed to have anywhere between 300 million accounts and 559 million accounts, making it difficult to verify their statements. However, the hackers say at least 220 million of the login credentials are verified to work and do not have two-factor authentication enabled.
Originally, the ransom was believed to be $75,000 in Bitcoin or $100,000 in iTunes gift cards. Conversely, according to the Turkish Crime Family Twitter page, the sum is much higher. At this time, Apple is refusing to pay the ransom because they “do not reward cyber criminals for breaking the law.” The group of hackers have reached out to multiple media outlets in an attempt to put more pressure on Apple.
If you are concerned with the security of your iCloud account, the following are precautionary measures you can take:
- Change or reset your password and make sure the password you use is strong.
- Update your security recovery questions.
- Enable two-factor authentication on your account.
For more iPhone security tips and best practices, download our iPhone Security Guide. Additionally, if you would like to discuss how a similar event could affect your business or if you would like to develop an incident response plan, please reach out at info@compasscyber.com or 667-401-5108.
